You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Next to the 'scriptfile to execute'-window you'll see a little icon as shown in next picture: When you click that icon, a little window will open that says: 'Please enter the full URL to the sript you want to execute'In the field, copy and paste next URL:

http://metallica.geekstogo.com/alcanshorty.bfu

Click Ok. Then click execute in Brute Force Uninstaller.

Extra note:If nothing happens after pressing the Execute button, this means that the script didn't download. In that case, download the script ( alcanshorty.bfu ) manually from above url ( rightclick on it and choose 'save as' and save it in your BFU-folder). Then start BFU.exe again and click the browse button next to the 'scriptfile to execute'-windowBrowse to the script you downloaded and Click Ok and Execute in Brute Force Uninstaller.

Wait for the complete script execution box to popup and press OK.Press exit to terminate the BFU program.

2) Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:

Start Killbox.exeSelect the "Delete on Reboot" option.Click on the "All Files" button (!important!),which will then flash green.Copy the complete text in bold below to the clipboard by highlighting the filepaths and pressing Control + C:

C:\WINDOWS\SYSTEM32\WBCMUninst.exeC:\WINDOWS\smdat32m.sys

Open 'file' in the killboxmenu on top and choose Paste from clipboardYou must use the file File menu--pasting by right-clicking the mouse will only enter one file.Then press the button that looks like a red circle with a white X in it.Killbox will tell you that all listed files will be removed on next reboot and asks if you would like to Reboot now, click "yes".Click OK at any Pending File Rename Operations prompt, let me know if there appear.If you don't get that message, reboot manually.Your computer should reboot now.

Save this as fix.batChoose to save as all files.This is how the batch must look afterwards: Doubleclick fix.bat and copy the contents of the text file that opens back here.

5) It is strange that there are no 02's or 020's in the log.A new infection is hiding these entries from a Hijackthis scan.This means certain infections cannot be seen and are therefore hidden to the helper. Go to this folder where Hijackthis is kept and rename the hijackthis application to "analyse".This can be done by right clicking on the program and clicking "rename". Press enter, then open "analyse.exe" by double clicking.Post a new Hijackthis log from the newly named application